IPMI port vulnerability (VNC protocol enabled) | Nutanix Community
Skip to main content
Solved

IPMI port vulnerability (VNC protocol enabled)

  • September 29, 2021
  • 4 replies
  • 644 views
J
Forum|alt.badge.img+1

Hi there.
A security check on my nutanix clusters (8 nodes) revealed that the IPMI port on every nodes is vulnerable cause the VNC protocol is used to access them through port 5900.

Issue:
"...Virtual Network Computing (VNC) provides remote users with access to the system it it installed on. If this service is compromised, the user can gain complete control of the system...."

Remediation:
"...Remove or disable this service..."

What are my options? It is possible to disable these ports without affecting the performance of the NUTANIX cluster.

Thanks in advance.

Best answer by Michael.Manuele

@jssanche1975 

Here you go:

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000TTQgCAO

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000988sCAA

 

These two support articles should answer your question and address the issue.

Mike

View original
"The best way to find yourself is to lose yourself in the service of others..." M. Gandhi
Did this topic help you find an answer to your question?
This topic has been closed for comments

4 replies

Michael.Manuele
Nutanix Employee
Forum|alt.badge.img+4

@jssanche1975 What hardware are you running on?  Are these NX nodes?

J
Forum|alt.badge.img+1
  • jssanche1975
  • Author
  • Adventurer
  • 5 replies
  • September 30, 2021

Hello Michael. 

Thanks for your reply. 

They are not NX servers. If I'm not mistaken, it is the same issue for any HW (NUTANIX, DELL, LENOVO, HP, ETC), the administrative port is accessed through the VNC protocol.

 

Thanks for your prompt response.

 

 

"The best way to find yourself is to lose yourself in the service of others..." M. Gandhi
Michael.Manuele
Nutanix Employee
Forum|alt.badge.img+4
  • Michael.ManueleNutanix Employee
  • Nutanix Employee
  • 47 replies
  • Answer
  • September 30, 2021

@jssanche1975 

Here you go:

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000TTQgCAO

https://portal.nutanix.com/page/documents/kbs/details?targetId=kA032000000988sCAA

 

These two support articles should answer your question and address the issue.

Mike

J
Forum|alt.badge.img+1
  • jssanche1975
  • Author
  • Adventurer
  • 5 replies
  • September 30, 2021

Hello Michael,

I really appreciate your help, these tech notes will definitely solve the issue. 

 

Thank a lot, 

"The best way to find yourself is to lose yourself in the service of others..." M. Gandhi
Michael.Manuele
1 person likes this
  • Michael.Manuele
    Michael.Manuele
Terms & Conditions